{"id":"RHSA-2019:2437","summary":"Red Hat Security Advisory: Red Hat Virtualization security update","modified":"2026-03-13T10:01:32Z","published":"2024-09-13T19:53:41Z","upstream":["CVE-2018-16838","CVE-2018-16881","CVE-2019-0161","CVE-2019-10139","CVE-2019-10160","CVE-2019-1559"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2437"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1640820"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1658366"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683804"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1687920"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694065"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702223"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1709829"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1718388"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1720156"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1720160"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1720310"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1720434"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1720435"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1720436"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1724044"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1726534"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727007"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727859"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728998"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1729023"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2437.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-16838"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-16838"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16838"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-16881"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-16881"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16881"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-0161"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-0161"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0161"},{"type":"ARTICLE","url":"https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-1559"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-1559"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1559"},{"type":"ARTICLE","url":"https://github.com/RUB-NDS/TLS-Padding-Oracles"},{"type":"ARTICLE","url":"https://www.openssl.org/news/secadv/20190226.txt"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-10139"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-10139"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10139"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-10160"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-10160"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10160"},{"type":"ARTICLE","url":"https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization2.html"}],"affected":[{"package":{"name":"redhat-virtualization-host","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/redhat-virtualization-host"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.5-20190722.0.el7_7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"redhat-virtualization-host-image-update","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/redhat-virtualization-host-image-update"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.5-20190722.0.el7_7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"imgbased","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/imgbased"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1.9-0.1.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"ovirt-node-ng","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/ovirt-node-ng"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.5-0.20190717.0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"ovirt-node-ng-nodectl","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/ovirt-node-ng-nodectl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.5-0.20190717.0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"python-imgbased","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/python-imgbased"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.1.9-0.1.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"python2-ovirt-node-ng-nodectl","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/python2-ovirt-node-ng-nodectl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.5-0.20190717.0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"redhat-release-virtualization-host","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/redhat-release-virtualization-host"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.5-2.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}},{"package":{"name":"redhat-virtualization-host-image-update-placeholder","ecosystem":"Red Hat:enterprise_linux:7::hypervisor","purl":"pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.5-2.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2019:2437.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}